1/* rijndael - An implementation of the Rijndael cipher. 2 * Copyright (C) 2000 Rafael R. Sevilla <sevillar@team.ph.inter.net> 3 * 4 * Currently maintained by brian d foy, <bdfoy@cpan.org> 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Library General Public License for more details. 15 * 16 * You should have received a copy of the GNU Library General Public 17 * License along with this library; if not, write to the Free 18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 */ 20 21/* 22 * Rijndael is a 128/192/256-bit block cipher that accepts key sizes of 23 * 128, 192, or 256 bits, designed by Joan Daemen and Vincent Rijmen. See 24 * http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ for details. 25 */ 26 27#if !defined(RIJNDAEL_H) 28#define RIJNDAEL_H 29 30#include <stdlib.h> 31#include <sys/types.h> 32 33#ifdef _CRYPT_RIJNDAEL_H_TYPES 34 #undef _CRYPT_RIJNDAEL_H_TYPES 35#endif 36 37/* Irix. We could include stdint.h and use uint8_t but that also 38 * requires that we specifically drive the compiler in C99 mode. 39 * Defining UINT8 as unsigned char is, ultimately, what stdint.h 40 * would do anyway. 41 */ 42#if defined(_SGIAPI) || defined( __sgi ) 43 #define _CRYPT_RIJNDAEL_H_TYPES 44 typedef __uint32_t UINT32; 45 typedef unsigned char UINT8; 46#endif 47 48/* Solaris has sys/types.h, but doesn't act like everyone else 49 * GCC defines __sun__ and __sun (report from Todd Ross) 50 * Solaris cc defines __sun 51 */ 52#if defined( __sun__ ) || defined( __sun ) 53 #define _CRYPT_RIJNDAEL_H_TYPES 54 typedef uint32_t UINT32; 55 typedef uint8_t UINT8; 56#endif 57 58/* Mac OS X 10.3 defines things differently than most other 59systems */ 60#if defined( __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ ) && __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__-0 < 1140 61 #define _CRYPT_RIJNDAEL_H_TYPES 62 typedef u_int32_t UINT32; 63 typedef u_char UINT8; 64#endif 65 66/* Mac OS X 10.3 defines things differently than most other 67systems */ 68#if defined(__APPLE__) && ! defined(__DARWIN_UNIX03) 69 #define _CRYPT_RIJNDAEL_H_TYPES 70 typedef u_int32_t UINT32; 71 typedef u_char UINT8; 72#endif 73 74/* I expect this to be the usual case */ 75#if ! defined(_CRYPT_RIJNDAEL_H_TYPES) && ( defined(_SYS_TYPES_H) || defined(_SYS_TYPES_H_) ) 76 #define _CRYPT_RIJNDAEL_H_TYPES 77 typedef __uint32_t UINT32; 78 typedef __uint8_t UINT8; 79#endif 80 81#if defined(__CYGWIN__) && ! defined(_CRYPT_RIJNDAEL_H_TYPES) 82 #define _CRYPT_RIJNDAEL_H_TYPES 83 typedef unsigned int UINT32; 84 typedef unsigned char UINT8; 85#endif 86 87#if defined(__MINGW32__) && ! defined(_CRYPT_RIJNDAEL_H_TYPES) 88 #define _CRYPT_RIJNDAEL_H_TYPES 89 typedef unsigned int UINT32; 90 typedef unsigned char UINT8; 91#endif 92 93#if defined(WIN32) && ! defined(_CRYPT_RIJNDAEL_H_TYPES) 94 #define _CRYPT_RIJNDAEL_H_TYPES 95 typedef unsigned int UINT32; 96 typedef unsigned char UINT8; 97#endif 98 99#if ! defined(_CRYPT_RIJNDAEL_H_TYPES) 100 #define _CRYPT_RIJNDAEL_H_TYPES 101 typedef unsigned int UINT32; 102 typedef unsigned char UINT8; 103#endif 104 105/* Other block sizes and key lengths are possible, but in the context of 106 * the ssh protocols, 256 bits is the default. 107 */ 108#define RIJNDAEL_BLOCKSIZE 16 109#define RIJNDAEL_KEYSIZE 32 110 111#define MODE_ECB 1 /* Are we ciphering in ECB mode? */ 112#define MODE_CBC 2 /* Are we ciphering in CBC mode? */ 113#define MODE_CFB 3 /* Are we ciphering in 128-bit CFB mode? */ 114#define MODE_PCBC 4 /* Are we ciphering in PCBC mode? */ 115#define MODE_OFB 5 /* Are we ciphering in 128-bit OFB mode? */ 116#define MODE_CTR 6 /* Are we ciphering in counter mode? */ 117 118/* Allow keys of size 128 <= bits <= 256 */ 119 120#define RIJNDAEL_MIN_KEYSIZE 16 121#define RIJNDAEL_MAX_KEYSIZE 32 122 123typedef struct { 124 UINT32 keys[60]; /* maximum size of key schedule */ 125 UINT32 ikeys[60]; /* inverse key schedule */ 126 int nrounds; /* number of rounds to use for our key size */ 127 int mode; /* encryption mode */ 128} RIJNDAEL_context; 129 130/* This basically performs Rijndael's key scheduling algorithm, as it's the 131 * only initialization required anyhow. The key size is specified in bytes, 132 * but the only valid values are 16 (128 bits), 24 (192 bits), and 32 (256 133 * bits). If a value other than these three is specified, the key will be 134 * truncated to the closest value less than the key size specified, e.g. 135 * specifying 7 will use only the first 6 bytes of the key given. DO NOT 136 * PASS A VALUE LESS THAN 16 TO KEYSIZE! 137 */ 138void 139rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key); 140 141/* 142 * rijndael_encrypt() 143 * 144 * Encrypt 16 bytes of data with the Rijndael algorithm. Before this 145 * function can be used, rijndael_setup must be used in order to initialize 146 * Rijndael's key schedule. 147 * 148 * This function always encrypts 16 bytes of plaintext to 16 bytes of 149 * ciphertext. The memory areas of the plaintext and the ciphertext can 150 * overlap. 151 */ 152 153void 154rijndael_encrypt(RIJNDAEL_context *context, 155 const UINT8 *plaintext, 156 UINT8 *ciphertext); 157 158/* 159 * rijndael_decrypt() 160 * 161 * Decrypt 16 bytes of data with the Rijndael algorithm. 162 * 163 * Before this function can be used, rijndael_setup() must be used in order 164 * to set up the key schedule required for the decryption algorithm. 165 * 166 * This function always decrypts 16 bytes of ciphertext to 16 bytes of 167 * plaintext. The memory areas of the plaintext and the ciphertext can 168 * overlap. 169 */ 170 171void 172rijndael_decrypt(RIJNDAEL_context *context, 173 const UINT8 *ciphertext, 174 UINT8 *plaintext); 175 176/* Encrypt a block of plaintext in a mode specified in the context */ 177void 178block_encrypt(RIJNDAEL_context *ctx, UINT8 *input, int inputlen, 179 UINT8 *output, UINT8 *iv); 180 181/* Decrypt a block of plaintext in a mode specified in the context */ 182void 183block_decrypt(RIJNDAEL_context *ctx, UINT8 *input, int inputlen, 184 UINT8 *output, UINT8 *iv); 185 186 187#endif /* RIJNDAEL_H */ 188